Visible to the public Biblio

Found 5182 results

Filters: First Letter Of Last Name is S  [Clear All Filters]
2021-01-20
Sato, Y., Yanagitani, T..  2020.  Giga-hertz piezoelectric epitaxial PZT transducer for the application of fingerprint imaging. 2020 IEEE International Ultrasonics Symposium (IUS). :1—3.

The fingerprint sensor based on pMUTs was reported [1]. Spatial resolution of the image depends on the size of the acoustic source when a plane wave is used. If the size of the acoustic source is smaller, piezoelectric films with high dielectric constant are required. In this study, in order to obtain small acoustic source, we proposed Pb(Zrx Th-x)O3 (PZT) epitaxial transducers with high dielectric constant. PbTiO3 (PTO) epitaxial films were grown on conductive La-SrTiO3 (STO) substrate by RF magnetron sputtering. Longitudinal wave conversion loss of PTO transducers was measured by a network analyzer. The thermoplastic elastomer was used instead of real fingerprint. We confirmed that conversion loss of piezoelectric film/substrate structure was increased by contacting the elastomer due the change of reflection coefficient of the substrate bottom/elastomer interface. Minimum conversion loss images were obtained by mechanically scanning the soft probe on the transducer surface. We achieved the detection of the fingerprint phantom based on the elastomer in the GHz.

2021-01-18
Sun, J., Ma, J., Quan, J., Zhu, X., I, C..  2019.  A Fuzzy String Matching Scheme Resistant to Statistical Attack. 2019 International Conference on Networking and Network Applications (NaNA). :396–402.
The fuzzy query scheme based on vector index uses Bloom filter to construct vector index for key words. Then the statistical attack based on the deviation of frequency distribution of the vector index brings out the sensitive information disclosure. Using the noise vector, a fuzzy query scheme resistant to the statistical attack serving for encrypted database, i.e. S-BF, is introduced. With the noise vector to clear up the deviation of frequency distribution of vector index, the statistical attacks to the vector index are resolved. Demonstrated by lab experiment, S-BF scheme can achieve the secure fuzzy query with the powerful privation protection capability for encrypted cloud database without the loss of fuzzy query efficiency.
Laptiev, O., Shuklin, G., Hohonianc, S., Zidan, A., Salanda, I..  2019.  Dynamic Model of Cyber Defense Diagnostics of Information Systems With The Use of Fuzzy Technologies. 2019 IEEE International Conference on Advanced Trends in Information Theory (ATIT). :116–119.
When building the architecture of cyber defense systems, one of the important tasks is to create a methodology for current diagnostics of cybersecurity status of information systems and objects of information activity. The complexity of this procedure is that having a strong security level of the object at the software level does not mean that such power is available at the hardware level or at the cryptographic level. There are always weaknesses in all levels of information security that criminals are constantly looking for. Therefore, the task of promptly calculating the likelihood of possible negative consequences from the successful implementation of cyberattacks is an urgent task today. This paper proposes an approach of obtaining an instantaneous calculation of the probabilities of negative consequences from the successful implementation of cyberattacks on objects of information activity on the basis of delayed differential equation theory and the mechanism of constructing a logical Fuzzy function. This makes it possible to diagnose the security status of the information system.
Zhu, L., Chen, C., Su, Z., Chen, W., Li, T., Yu, Z..  2020.  BBS: Micro-Architecture Benchmarking Blockchain Systems through Machine Learning and Fuzzy Set. 2020 IEEE International Symposium on High Performance Computer Architecture (HPCA). :411–423.
Due to the decentralization, irreversibility, and traceability, blockchain has attracted significant attention and has been deployed in many critical industries such as banking and logistics. However, the micro-architecture characteristics of blockchain programs still remain unclear. What's worse, the large number of micro-architecture events make understanding the characteristics extremely difficult. We even lack a systematic approach to identify the important events to focus on. In this paper, we propose a novel benchmarking methodology dubbed BBS to characterize blockchain programs at micro-architecture level. The key is to leverage fuzzy set theory to identify important micro-architecture events after the significance of them is quantified by a machine learning based approach. The important events for single programs are employed to characterize the programs while the common important events for multiple programs form an importance vector which is used to measure the similarity between benchmarks. We leverage BBS to characterize seven and six benchmarks from Blockbench and Caliper, respectively. The results show that BBS can reveal interesting findings. Moreover, by leveraging the importance characterization results, we improve that the transaction throughput of Smallbank from Fabric by 70% while reduce the transaction latency by 55%. In addition, we find that three of seven and two of six benchmarks from Blockbench and Caliper are redundant, respectively.
Sebbah, A., Kadri, B..  2020.  A Privacy and Authentication Scheme for IoT Environments Using ECC and Fuzzy Extractor. 2020 International Conference on Intelligent Systems and Computer Vision (ISCV). :1–5.
The internet of things (IoT) is consisting of many complementary elements which have their own specificities and capacities. These elements are gaining new application and use cases in our lives. Nevertheless, they open a negative horizon of security and privacy issues which must be treated delicately before the deployment of any IoT. Recently, different works emerged dealing with the same branch of issues, like the work of Yuwen Chen et al. that is called LightPriAuth. LightPriAuth has several drawbacks and weakness against various popular attacks such as Insider attack and stolen smart card. Our objective in this paper is to propose a novel solution which is “authentication scheme with three factor using ECC and fuzzy extractor” to ensure security and privacy. The obtained results had proven the superiority of our scheme's performances compared to that of LightPriAuth which, additionally, had defeated the weaknesses left by LightPriAuth.
Naganuma, K., Suzuki, T., Yoshino, M., Takahashi, K., Kaga, Y., Kunihiro, N..  2020.  New Secret Key Management Technology for Blockchains from Biometrics Fuzzy Signature. 2020 15th Asia Joint Conference on Information Security (AsiaJCIS). :54–58.

Blockchain technology is attracting attention as an innovative system for decentralized payments in fields such as financial area. On the other hand, in a decentralized environment, management of a secret key used for user authentication and digital signature becomes a big issue because if a user loses his/her secret key, he/she will also lose assets on the blockchain. This paper describes the secret key management issues in blockchain systems and proposes a solution using a biometrics-based digital signature scheme. In our proposed system, a secret key to be used for digital signature is generated from the user's biometric information each time and immediately deleted from the memory after using it. Therefore, our blockchain system has the advantage that there is no need for storage for storing secret keys throughout the system. As a result, the user does not have a risk of losing the key management devices and can prevent attacks from malware that steals the secret key.

Naik, N., Jenkins, P., Savage, N., Yang, L., Naik, K., Song, J..  2020.  Embedding Fuzzy Rules with YARA Rules for Performance Optimisation of Malware Analysis. 2020 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE). :1–7.
YARA rules utilises string or pattern matching to perform malware analysis and is one of the most effective methods in use today. However, its effectiveness is dependent on the quality and quantity of YARA rules employed in the analysis. This can be managed through the rule optimisation process, although, this may not necessarily guarantee effective utilisation of YARA rules and its generated findings during its execution phase, as the main focus of YARA rules is in determining whether to trigger a rule or not, for a suspect sample after examining its rule condition. YARA rule conditions are Boolean expressions, mostly focused on the binary outcome of the malware analysis, which may limit the optimised use of YARA rules and its findings despite generating significant information during the execution phase. Therefore, this paper proposes embedding fuzzy rules with YARA rules to optimise its performance during the execution phase. Fuzzy rules can manage imprecise and incomplete data and encompass a broad range of conditions, which may not be possible in Boolean logic. This embedding may be more advantageous when the YARA rules become more complex, resulting in multiple complex conditions, which may not be processed efficiently utilising Boolean expressions alone, thus compromising effective decision-making. This proposed embedded approach is applied on a collected malware corpus and is tested against the standard and enhanced YARA rules to demonstrate its success.
Naik, N., Jenkins, P., Savage, N., Yang, L., Boongoen, T., Iam-On, N..  2020.  Fuzzy-Import Hashing: A Malware Analysis Approach. 2020 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE). :1–8.
Malware has remained a consistent threat since its emergence, growing into a plethora of types and in large numbers. In recent years, numerous new malware variants have enabled the identification of new attack surfaces and vectors, and have become a major challenge to security experts, driving the enhancement and development of new malware analysis techniques to contain the contagion. One of the preliminary steps of malware analysis is to remove the abundance of counterfeit malware samples from the large collection of suspicious samples. This process assists in the management of man and machine resources effectively in the analysis of both unknown and likely malware samples. Hashing techniques are one of the fastest and efficient techniques for performing this preliminary analysis such as fuzzy hashing and import hashing. However, both hashing methods have their limitations and they may not be effective on their own, instead the combination of two distinctive methods may assist in improving the detection accuracy and overall performance of the analysis. This paper proposes a Fuzzy-Import hashing technique which is the combination of fuzzy hashing and import hashing to improve the detection accuracy and overall performance of malware analysis. This proposed Fuzzy-Import hashing offers several benefits which are demonstrated through the experimentation performed on the collected malware samples and compared against stand-alone techniques of fuzzy hashing and import hashing.
Singh, G., Garg, S..  2020.  Fuzzy Elliptic Curve Cryptography based Cipher Text Policy Attribute based Encryption for Cloud Security. 2020 International Conference on Intelligent Engineering and Management (ICIEM). :327–330.

Cipher Text Policy Attribute Based Encryption which is a form of Public Key Encryption has become a renowned approach as a Data access control scheme for data security and confidentiality. It not only provides the flexibility and scalability in the access control mechanisms but also enhances security by fuzzy fined-grained access control. However, schemes are there which for more security increases the key size which ultimately leads to high encryption and decryption time. Also, there is no provision for handling the middle man attacks during data transfer. In this paper, a light-weight and more scalable encryption mechanism is provided which not only uses fewer resources for encoding and decoding but also improves the security along with faster encryption and decryption time. Moreover, this scheme provides an efficient key sharing mechanism for providing secure transfer to avoid any man-in-the-middle attacks. Also, due to fuzzy policies inclusion, chances are there to get approximation of user attributes available which makes the process fast and reliable and improves the performance of legitimate users.

Santos, T. A., Magalhães, E. P., Basílio, N. P., Nepomuceno, E. G., Karimov, T. I., Butusov, D. N..  2020.  Improving Chaotic Image Encryption Using Maps with Small Lyapunov Exponents. 2020 Moscow Workshop on Electronic and Networking Technologies (MWENT). :1–4.
Chaos-based encryption is one of the promising cryptography techniques that can be used. Although chaos-based encryption provides excellent security, the finite precision of number representation in computers affects decryption accuracy negatively. In this paper, a way to mitigate some problems regarding finite precision is analyzed. We show that the use of maps with small Lyapunov exponents can improve the performance of chaotic encryption scheme, making it suitable for image encryption.
2021-01-15
Ebrahimi, M., Samtani, S., Chai, Y., Chen, H..  2020.  Detecting Cyber Threats in Non-English Hacker Forums: An Adversarial Cross-Lingual Knowledge Transfer Approach. 2020 IEEE Security and Privacy Workshops (SPW). :20—26.

The regularity of devastating cyber-attacks has made cybersecurity a grand societal challenge. Many cybersecurity professionals are closely examining the international Dark Web to proactively pinpoint potential cyber threats. Despite its potential, the Dark Web contains hundreds of thousands of non-English posts. While machine translation is the prevailing approach to process non-English text, applying MT on hacker forum text results in mistranslations. In this study, we draw upon Long-Short Term Memory (LSTM), Cross-Lingual Knowledge Transfer (CLKT), and Generative Adversarial Networks (GANs) principles to design a novel Adversarial CLKT (A-CLKT) approach. A-CLKT operates on untranslated text to retain the original semantics of the language and leverages the collective knowledge about cyber threats across languages to create a language invariant representation without any manual feature engineering or external resources. Three experiments demonstrate how A-CLKT outperforms state-of-the-art machine learning, deep learning, and CLKT algorithms in identifying cyber-threats in French and Russian forums.

Brockschmidt, J., Shang, J., Wu, J..  2019.  On the Generality of Facial Forgery Detection. 2019 IEEE 16th International Conference on Mobile Ad Hoc and Sensor Systems Workshops (MASSW). :43—47.
A variety of architectures have been designed or repurposed for the task of facial forgery detection. While many of these designs have seen great success, they largely fail to address challenges these models may face in practice. A major challenge is posed by generality, wherein models must be prepared to perform in a variety of domains. In this paper, we investigate the ability of state-of-the-art facial forgery detection architectures to generalize. We first propose two criteria for generality: reliably detecting multiple spoofing techniques and reliably detecting unseen spoofing techniques. We then devise experiments which measure how a given architecture performs against these criteria. Our analysis focuses on two state-of-the-art facial forgery detection architectures, MesoNet and XceptionNet, both being convolutional neural networks (CNNs). Our experiments use samples from six state-of-the-art facial forgery techniques: Deepfakes, Face2Face, FaceSwap, GANnotation, ICface, and X2Face. We find MesoNet and XceptionNet show potential to generalize to multiple spoofing techniques but with a slight trade-off in accuracy, and largely fail against unseen techniques. We loosely extrapolate these results to similar CNN architectures and emphasize the need for better architectures to meet the challenges of generality.
Matern, F., Riess, C., Stamminger, M..  2019.  Exploiting Visual Artifacts to Expose Deepfakes and Face Manipulations. 2019 IEEE Winter Applications of Computer Vision Workshops (WACVW). :83—92.
High quality face editing in videos is a growing concern and spreads distrust in video content. However, upon closer examination, many face editing algorithms exhibit artifacts that resemble classical computer vision issues that stem from face tracking and editing. As a consequence, we wonder how difficult it is to expose artificial faces from current generators? To this end, we review current facial editing methods and several characteristic artifacts from their processing pipelines. We also show that relatively simple visual artifacts can be already quite effective in exposing such manipulations, including Deepfakes and Face2Face. Since the methods are based on visual features, they are easily explicable also to non-technical experts. The methods are easy to implement and offer capabilities for rapid adjustment to new manipulation types with little data available. Despite their simplicity, the methods are able to achieve AUC values of up to 0.866.
Yadav, D., Salmani, S..  2019.  Deepfake: A Survey on Facial Forgery Technique Using Generative Adversarial Network. 2019 International Conference on Intelligent Computing and Control Systems (ICCS). :852—857.
"Deepfake" it is an incipiently emerging face video forgery technique predicated on AI technology which is used for creating the fake video. It takes images and video as source and it coalesces these to make a new video using the generative adversarial network and the output is very convincing. This technique is utilized for generating the unauthentic spurious video and it is capable of making it possible to generate an unauthentic spurious video of authentic people verbally expressing and doing things that they never did by swapping the face of the person in the video. Deepfake can create disputes in countries by influencing their election process by defaming the character of the politician. This technique is now being used for character defamation of celebrities and high-profile politician just by swapping the face with someone else. If it is utilized in unethical ways, this could lead to a serious problem. Someone can use this technique for taking revenge from the person by swapping face in video and then posting it to a social media platform. In this paper, working of Deepfake technique along with how it can swap faces with maximum precision in the video has been presented. Further explained are the different ways through which we can identify if the video is generated by Deepfake and its advantages and drawback have been listed.
Li, Y., Yang, X., Sun, P., Qi, H., Lyu, S..  2020.  Celeb-DF: A Large-Scale Challenging Dataset for DeepFake Forensics. 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). :3204—3213.
AI-synthesized face-swapping videos, commonly known as DeepFakes, is an emerging problem threatening the trustworthiness of online information. The need to develop and evaluate DeepFake detection algorithms calls for datasets of DeepFake videos. However, current DeepFake datasets suffer from low visual quality and do not resemble DeepFake videos circulated on the Internet. We present a new large-scale challenging DeepFake video dataset, Celeb-DF, which contains 5,639 high-quality DeepFake videos of celebrities generated using improved synthesis process. We conduct a comprehensive evaluation of DeepFake detection methods and datasets to demonstrate the escalated level of challenges posed by Celeb-DF.
Maksutov, A. A., Morozov, V. O., Lavrenov, A. A., Smirnov, A. S..  2020.  Methods of Deepfake Detection Based on Machine Learning. 2020 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). :408—411.
Nowadays, people faced an emerging problem of AI-synthesized face swapping videos, widely known as the DeepFakes. This kind of videos can be created to cause threats to privacy, fraudulence and so on. Sometimes good quality DeepFake videos recognition could be hard to distinguish with people eyes. That's why researchers need to develop algorithms to detect them. In this work, we present overview of indicators that can tell us about the fact that face swapping algorithms were used on photos. Main purpose of this paper is to find algorithm or technology that can decide whether photo was changed with DeepFake technology or not with good accuracy.
Rana, M. S., Sung, A. H..  2020.  DeepfakeStack: A Deep Ensemble-based Learning Technique for Deepfake Detection. 2020 7th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2020 6th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom). :70—75.
Recent advances in technology have made the deep learning (DL) models available for use in a wide variety of novel applications; for example, generative adversarial network (GAN) models are capable of producing hyper-realistic images, speech, and even videos, such as the so-called “Deepfake” produced by GANs with manipulated audio and/or video clips, which are so realistic as to be indistinguishable from the real ones in human perception. Aside from innovative and legitimate applications, there are numerous nefarious or unlawful ways to use such counterfeit contents in propaganda, political campaigns, cybercrimes, extortion, etc. To meet the challenges posed by Deepfake multimedia, we propose a deep ensemble learning technique called DeepfakeStack for detecting such manipulated videos. The proposed technique combines a series of DL based state-of-art classification models and creates an improved composite classifier. Based on our experiments, it is shown that DeepfakeStack outperforms other classifiers by achieving an accuracy of 99.65% and AUROC of 1.0 score in detecting Deepfake. Therefore, our method provides a solid basis for building a Realtime Deepfake detector.
2021-01-11
Shin, H. C., Chang, J., Na, K..  2020.  Anomaly Detection Algorithm Based on Global Object Map for Video Surveillance System. 2020 20th International Conference on Control, Automation and Systems (ICCAS). :793—795.

Recently, smart video security systems have been active. The existing video security system is mainly a method of detecting a local abnormality of a unit camera. In this case, it is difficult to obtain the characteristics of each local region and the situation for the entire watching area. In this paper, we developed an object map for the entire surveillance area using a combination of surveillance cameras, and developed an algorithm to detect anomalies by learning normal situations. The surveillance camera in each area detects and tracks people and cars, and creates a local object map and transmits it to the server. The surveillance server combines each local maps to generate a global map for entire areas. Probability maps were automatically calculated from the global maps, and normal and abnormal decisions were performed through trained data about normal situations. For three reporting status: normal, caution, and warning, and the caution report performance shows that normal detection 99.99% and abnormal detection 86.6%.

Gautam, A., Singh, S..  2020.  A Comparative Analysis of Deep Learning based Super-Resolution Techniques for Thermal Videos. 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT). :919—925.

Video streams acquired from thermal cameras are proven to be beneficial in diverse number of fields including military, healthcare, law enforcement, and security. Despite the hype, thermal imaging is increasingly affected by poor resolution, where it has expensive optical sensors and inability to attain optical precision. In recent years, deep learning based super-resolution algorithms are developed to enhance the video frame resolution at high accuracy. This paper presents a comparative analysis of super resolution (SR) techniques based on deep neural networks (DNN) that are applied on thermal video dataset. SRCNN, EDSR, Auto-encoder, and SRGAN are also discussed and investigated. Further the results on benchmark thermal datasets including FLIR, OSU thermal pedestrian database and OSU color thermal database are evaluated and analyzed. Based on the experimental results, it is concluded that, SRGAN has delivered a superior performance on thermal frames when compared to other techniques and improvements, which has the ability to provide state-of-the art performance in real time operations.

Johnson, N., Near, J. P., Hellerstein, J. M., Song, D..  2020.  Chorus: a Programming Framework for Building Scalable Differential Privacy Mechanisms. 2020 IEEE European Symposium on Security and Privacy (EuroS P). :535–551.
Differential privacy is fast becoming the gold standard in enabling statistical analysis of data while protecting the privacy of individuals. However, practical use of differential privacy still lags behind research progress because research prototypes cannot satisfy the scalability requirements of production deployments. To address this challenge, we present Chorus, a framework for building scalable differential privacy mechanisms which is based on cooperation between the mechanism itself and a high-performance production database management system (DBMS). We demonstrate the use of Chorus to build the first highly scalable implementations of complex mechanisms like Weighted PINQ, MWEM, and the matrix mechanism. We report on our experience deploying Chorus at Uber, and evaluate its scalability on real-world queries.
Wu, N., Farokhi, F., Smith, D., Kaafar, M. A..  2020.  The Value of Collaboration in Convex Machine Learning with Differential Privacy. 2020 IEEE Symposium on Security and Privacy (SP). :304–317.
In this paper, we apply machine learning to distributed private data owned by multiple data owners, entities with access to non-overlapping training datasets. We use noisy, differentially-private gradients to minimize the fitness cost of the machine learning model using stochastic gradient descent. We quantify the quality of the trained model, using the fitness cost, as a function of privacy budget and size of the distributed datasets to capture the trade-off between privacy and utility in machine learning. This way, we can predict the outcome of collaboration among privacy-aware data owners prior to executing potentially computationally-expensive machine learning algorithms. Particularly, we show that the difference between the fitness of the trained machine learning model using differentially-private gradient queries and the fitness of the trained machine model in the absence of any privacy concerns is inversely proportional to the size of the training datasets squared and the privacy budget squared. We successfully validate the performance prediction with the actual performance of the proposed privacy-aware learning algorithms, applied to: financial datasets for determining interest rates of loans using regression; and detecting credit card frauds using support vector machines.
Zhao, F., Skums, P., Zelikovsky, A., Sevigny, E. L., Swahn, M. H., Strasser, S. M., Huang, Y., Wu, Y..  2020.  Computational Approaches to Detect Illicit Drug Ads and Find Vendor Communities Within Social Media Platforms. IEEE/ACM Transactions on Computational Biology and Bioinformatics. :1–1.
The opioid abuse epidemic represents a major public health threat to global populations. The role social media may play in facilitating illicit drug trade is largely unknown due to limited research. However, it is known that social media use among adults in the US is widespread, there is vast capability for online promotion of illegal drugs with delayed or limited deterrence of such messaging, and further, general commercial sale applications provide safeguards for transactions; however, they do not discriminate between legal and illegal sale transactions. These characteristics of the social media environment present challenges to surveillance which is needed for advancing knowledge of online drug markets and the role they play in the drug abuse and overdose deaths. In this paper, we present a computational framework developed to automatically detect illicit drug ads and communities of vendors.The SVM- and CNNbased methods for detecting illicit drug ads, and a matrix factorization based method for discovering overlapping communities have been extensively validated on the large dataset collected from Google+, Flickr and Tumblr. Pilot test results demonstrate that our computational methods can effectively identify illicit drug ads and detect vendor-community with accuracy. These methods hold promise to advance scientific knowledge surrounding the role social media may play in perpetuating the drug abuse epidemic.
Majhi, D., Rao, M., Sahoo, S., Dash, S. P., Mohapatra, D. P..  2020.  Modified Grey Wolf Optimization(GWO) based Accident Deterrence in Internet of Things (IoT) enabled Mining Industry. 2020 International Conference on Computer Science, Engineering and Applications (ICCSEA). :1–4.
The occurrences of accidents in mining industries owing to the fragile health conditions of mine workers are reportedly increasing. Health conditions measured as heart rate or pulse, glycemic index, and blood pressure are often crucial parameters that lead to failure in proper reasoning when not within acceptable ranges. These parameters, such as heartbeat rate can be measured continuously using sensors. The data can be monitored remotely and, when found to be of concern, can send necessary alarms to the mine manager. The early alarm notification enables the mine manager with better preparedness for managing the reach of first aid to the accident spot and thereby reduce mine fatalities drastically. This paper presents a framework for deterring accidents in mines with the help of the Grey Wolf Optimization approach.
Saleh, I., Ji, H..  2020.  Network Traffic Images: A Deep Learning Approach to the Challenge of Internet Traffic Classification. 2020 10th Annual Computing and Communication Workshop and Conference (CCWC). :0329–0334.
The challenge of network traffic classification exists at the heart of many networking related tasks aimed at improving the overall user experience and usability of the internet. Current techniques, such as deep packet inspection, depend heavily on interaction by network administrators and engineers to maintain up to date stores of application network signatures and the infrastructure required to utilize them effectively. In this paper, we introduce Network Traffic Images, a 2-dimensional (2D) formulation of a stream of packet header lengths, which enable us to employ deep convolutional neural networks for network traffic classification. Five different network traffic image orientation mappings are carefully designed to deduce the best way to transform the 1-dimensional packet-subflow into a 2D image. Two different mapping strategies, one packet-relative and the other time-relative, are experimented with to map the packets of a packet flow to the pixels in the image. Experiments shows that high classification accuracy can be achieved with minimal manual effort using network traffic images in deep learning.
Nyasore, O. N., Zavarsky, P., Swar, B., Naiyeju, R., Dabra, S..  2020.  Deep Packet Inspection in Industrial Automation Control System to Mitigate Attacks Exploiting Modbus/TCP Vulnerabilities. 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :241–245.

Modbus TCP/IP protocol is a commonly used protocol in industrial automation control systems, systems responsible for sensitive operations such as gas turbine operation and refinery control. The protocol was designed decades ago with no security features in mind. Denial of service attack and malicious parameter command injection are examples of attacks that can exploit vulnerabilities in industrial control systems that use Modbus/TCP protocol. This paper discusses and explores the use of intrusion detection and prevention systems (IDPS) with deep packet inspection (DPI) capabilities and DPI industrial firewalls that have capability to detect and stop highly specialized attacks hidden deep in the communication flow. The paper has the following objectives: (i) to develop signatures for IDPS for common attacks on Modbus/TCP based network architectures; (ii) to evaluate performance of three IDPS - Snort, Suricata and Bro - in detecting and preventing common attacks on Modbus/TCP based control systems; and (iii) to illustrate and emphasize that the IDPS and industrial firewalls with DPI capabilities are not preventing but only mitigating likelihood of exploitation of Modbus/TCP vulnerabilities in the industrial and automation control systems. The results presented in the paper illustrate that it might be challenging task to achieve requirements on real-time communication in some industrial and automation control systems in case the DPI is implemented because of the latency and jitter introduced by these IDPS and DPI industrial firewall.